package de.fhd.pms.ctrl;

import java.util.List;

import javax.validation.Valid;

import org.apache.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.validation.BindingResult;
import org.springframework.validation.ObjectError;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import de.fhd.pms.dao.ActionDao;
import de.fhd.pms.dao.UserDao;
import de.fhd.pms.model.Action;
import de.fhd.pms.model.User;
/**
 * The controller class for Action.
 */
@Controller
public class ActionController {

	private static Logger log = Logger.getLogger(UserController.class);

	private ActionDao actionDao = null;
	private UserDao userDao = null;

	/**
	 * Set UserDao
	 * @param userDao
	 */
	public void setUserDao(UserDao userDao) {
		this.userDao = userDao;
	}
	/**
	 * Get UserDao
	 * @return userDao
	 */
	public UserDao getUserDao() {
		return userDao;
	}
	/**
	 * Set ActionDao
	 * @param actionDao
	 */
	public void setActionDao(ActionDao actionDao) {
		this.actionDao = actionDao;
	}
	/**
	 * In case of Requesting "/addaction.html", RequestMethod = GET,
	 * the Controller opens the .jsp-view addaction and manages data access
	 * @return addaction
	 */
	@RequestMapping(value = "/addaction.html", method = RequestMethod.GET)
	public String showAddTourForm(ModelMap model) {
		model.addAttribute("action", new Action());
		return "addaction";
	}
	/**
	 * In case of Requesting "/addaction.html", RequestMethod = POST,
	 * the Controller opens the .jsp-view addaction and manages data access
	 * @return addaction
	 */
	@RequestMapping(value = "/addaction.html", method = RequestMethod.POST)
	public String processRegistrationForm(@Valid Action action,
			BindingResult result) {
		// check for annotation validation errors
		// if there are errors in the object,
		// then new action adding functionality is forbidden 
		if (result.hasErrors()) {
			log.info("add action failed");
			for (ObjectError error : result.getAllErrors()) {
				log.info(" - error:" + error.toString());
			}
			// let user stay on the addaction page
			return "addaction";
		}
		
		// get username of authentificated user
		Authentication auth = SecurityContextHolder.getContext()
				.getAuthentication();
		String username = auth.getName();
		log.info("NAME: " + username);
		
		// find user by username and set authentificated user to the action
		User userTmp = userDao.findByUsername(username);
		action.setUser(userTmp);
		log.info("userID: " + userTmp.getId());
		// save new action to the database
		Action tmpAction = actionDao.save(action);
		log.info(tmpAction.getUser().getId());
		// let user stay on the addaction page
		return "addaction";
	}
	
	/**
	 * In case of Requesting "/actionlist.html" & RequestMethod = GET,
	 * the Controller opens the .jsp-view actionlist and manages data access
	 * @return actionlist
	 */
	@RequestMapping(value = "/actionlist.html", method = RequestMethod.GET)
	public String showActionsForm(ModelMap model) {
		// search for all actions in the database and set them to the model attributes
		List<Action> actions = actionDao.findAll();
		model.addAttribute("actionValues", actions);
		model.addAttribute("action", new Action());
		// let user stay on the actionlist page
		return "actionlist";
	}
	/**
	 * In case of Requesting "/searchaction.html" & RequestMethod = POST,
	 * the Controller opens the .jsp-view actionlist and manages data access
	 * @return actionlist
	 */
	@RequestMapping(value = "/searchaction.html", method = RequestMethod.POST)
	public String showActionSearchResultsForm(ModelMap model) {
		List<Action> actions = null;
		model.addAttribute("action", new Action());
		model.addAttribute("actionValues", actions);
		return "actionlist";
	}
	/**
	 * In case of Requesting "/DeleteAction.html" & RequestMethod = GET,
	 * the Controller opens the .jsp-view actionlist and manages data access
	 * @return actionlist.
	 */
	@RequestMapping(value = "/DeleteAction.html", method = RequestMethod.GET)
	public String deleteAction(Action action, BindingResult result) {
		// get username of authentificated user
		Authentication auth = SecurityContextHolder.getContext()
				.getAuthentication();
		String username = auth.getName();
		User user = userDao.findByUsername(username);
		log.info(username);
		log.info("user:" +user.getId());
		// find action by id in the database
		action = actionDao.findByActionId(action.getId());
		
		// check that action has user, which created it
		if (action.getUser() != null) {
			log.info("user:" +user.getId());
			log.info("owner:" +action.getUser().getId());
			// check that the user, who wants to delete action, is the owner of action
			// if user is owner, then action will be deleted
			if (action.getUser().getId().equals(user.getId())) {
				actionDao.delete(action);
				log.info("deleted");
			}
			log.info("fff");
		}
		
		// user is redirected to the list with all actions
		return "redirect:actionlist.html";
	}

}
